Social Media & Facebook Security

Introduction

With more than 1 billion users worldwide, Facebook is the undisputed king of Internet social media. Unlike the early years of social media, however, when Myspace ruled, and Facebook was largely unknown, social networks have now proliferated to a point where they sometimes seem like separate “Internets” unto themselves. Besides Facebook, sites like Twitter, Tumblr, Google+, Pinterest, YouTube, Flickr, Foursquare, Instagram and LinkedIn – to name a few – attract hundreds of millions of visitors and followers. People flood these sites with personal pictures and videos, along with the personal details of their lives. Those details range from the mundane to uncomfortable, inappropriate, salacious, incriminating, sad and embarrassing, insightful and even – or rare occasions – profound. People also use these sites for fundraising, event organizing and political rallies and protests.Endless Streams of Data

In the process of accepting all this information, social media sites collect trillions of bytes of personal data; and therein lays the rub – the danger – of using these sites. How are they using all that personal information? What are the privacy policies of each site and how do those policies differ from site to site? How often do those policies change?

Equally important, what about security? Social media sites stockpile endless streams of data and users seem all too happy to keep supplying it; but how confident can users be, when signing up and posting to one of these sites, their private information remains private and won’t fall into the hands of scammers and cybercriminals? Will private data be sold? To whom, and to whom might the initial buyer sell that data?

The bigger they are…the harder they’re hacked

Social media security and privacy have taken center stage in recent years, with Facebook security policy often setting the tone and establishing the trends. Being the biggest and most prolific also makes Facebook the most frequently attacked. Users of any social media site should be careful about what information they share, but Facebook users should be especially diligent; scammers are out there – right now – looking to breach your security. Social media users must do everything possible to protect their private information or risk theft of their hard-earned money, credit card numbers, identity, or all of the above.

You post it, you own it – forever

A large measure of responsibility for preventing identity theft, embarrassment, legal trouble, or trouble in one’s personal or work life when using social media, lies with users themselves. Privacy policy and social media security, after all, can only go so far in protecting users. In the end, no matter what the scam, scandal, embarrassment or outrage arising from social media, the damaging or compromised information is usually – but not always – posted by the users themselves.

Do a search for “social media security,” and site after site reminds that anything posted to a social network – indeed to the Internet itself – remains there for all time. Even if the user deletes the damaging material, it’s still out there. Nothing – no picture, no scrap of data – be it downloaded to another computer, posted to another website, or backed up on a server somewhere, is ever truly gone. No level of social media security will ever change the perpetuity of the Internet. Consider that next time before you post an embarrassing or otherwise questionable picture. Think about this too: one study found that 70% of hiring directors excluded certain candidates based on unbecoming pictures, posts, or background information found online. More, searching the Web as part of background checks in hiring or admission procedures has become common. That embarrassing picture you posted from college? You know… the one you deleted years ago? Well, it just kept you from getting hired or promoted or from getting accepted to earn a higher degree.

Protect yourself

Social media security then, starts with the user. Returning to our search for social media security, one finds a number of recommendations for how users can protect themselves when using social media:

1) Know the policies of these sites regarding privacy and security; social media sites can be notorious for changing and updating these policies. Stay abreast of updates and revisions on all the sites you use. Fine-tune those settings for maximum privacy and control of your online experience; most social networks allow users to adjust their settings to precisely disseminate who sees what information about the user. Also, it’s important to understand how linked social media accounts interact. For instance, users can easily set their Twitter accounts, so that every tweet automatically posts to Facebook. When linking accounts, users should be sure that privacy and social media security settings on one account mesh with settings on the linked account.

2) Know your friends. This is especially important for users who amass large friend lists. It’s important to periodically review the list, making certain you know each person well enough to be warrant the title of ‘friend’ or ‘follower’. Make sure, too, that you’re comfortable with the privacy settings you’ve established with each individual user. There are lots of fake profiles on Facebook. Try as hard as it might, Facebook security can’t weed them all out. In fact, a recent blog by SC Magazine said that Facebook, itself, has admitted some 83 million fake profiles; that’s why it’s important to know who’s on your friend list and what private information they can access. If you don’t know them, delete them.

3) Don’t always trust your friends. Friend accounts can be hacked and then used to send fake messages trying to wheedle personal information from the victim. If the message is strange, seems out of character or like it was written by someone other than the account owner, don’t click the links. Instead, contact your friend, discuss the message and let them know they’ve been hacked.

4) Be careful what you “Like” and of the links you click. Just like email links, links posted to social media can be rigged by hackers and cyber-crooks to send the victim to a website that infects his or her computer with malicious software. Criminals can also use such links to trick users into sharing personal data – i.e. credit card, social security or bank account numbers – which they’ll then use to clean the user out. Likewise, Facebook’s “Like” button can also be rigged with malicious code.

5) Create your own, unique social media security questions with answers that won’t be posted elsewhere. Clever cyber-thieves can comb your personal information, focusing on seemingly innocuous information – i.e. your pet’s name, your mother’s maiden name, the name of your elementary school, etc. – and use that information to hack your account. How? Ever forgotten your password and answered a security question to regain access? How often does that question involve the name of a pet, your mother’s maiden name or other information you routinely, even inadvertently, post to your account(s)?

These are but a handful of measures users can take to increase their social media security. Others include using caution regarding third-party applications (e.g. FarmVille), creating strong passwords, and keeping browser and anti-virus/malware software up to date.

While each network is responsible for its specific polices and levels of security, social media users must understand they bear a large measure of responsibility for monitoring their accounts and the information they post. It’s important to know your friends, too. A common-sense approach is helpful when assessing friend lists. How do you know this person? How much access to your personal information does he or she have? Can you verify his or her identity? If not, you should remove them. Always be wary of clicking links, too, and don’t always assume a message from a friend actually came from that friend.